I am trying to bridge between 2 OPNsense firewalls using a gif tunnel.
SW 22.1.
The network to be bridged is 22.22.22.0/24
The transfer network between the 2 firewalls is 1.1.1.0/24
This is the setup (all masks are /24)
Host_1 and Host_2 are connected to opt 1 each
Host_1 (22.22.22.103)-----opnsense_1(WAN)1.1.1.1..........1.1.1.2(WAN)opnsense_2-----Host_2(22.22.22.101)
1. define gif interface (see attachments)
2. define bridge and assign opt_1 and gif to it
3. Enable interfaces and define FW rules
Test communication between Host_1 (22.22.22.103) and Host_2(22.22.22.101).
Host_1 pings Host_2
- The ARP request of Host 1 is answered by Host 2, using EtherIP encapsulation between the firewalls
- This should confirm that the gif tunnel and bridge are functional in both directions
The problem starts with IP:
ICMP request is sent again over the gif/bridge to host 2 which answers with an ICMP reply.
Now the ICMP reply of Host 2 no longer enters the gif tunnel at opnsense_2 and the ping fails.
Wireshark shows the data on the transfer link / gif tunnel. Only ICMP requests are seen.
The firewall logs at both sides do not report any drops.
Any idea what could be wrong?
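
Added example, not part of the original post: a small Python decoder for the EtherIP (IP protocol 97, RFC 3378) packets seen on the transfer link. It counts inner ARP and ICMP frames per tunnel direction and reports directions where echo requests get no reply back. It assumes each input is a raw outer IPv4 packet with the link-layer header already stripped; the sample packets are constructed to mirror the symptom described above.

```python
import struct
from collections import Counter

ETHERIP_PROTO = 97  # IP protocol number of EtherIP (RFC 3378)

def classify(pkt):
    """Return (outer_src, outer_dst, label) for an outer IPv4 packet, None if not EtherIP."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != ETHERIP_PROTO:
        return None
    src, dst = ".".join(map(str, pkt[12:16])), ".".join(map(str, pkt[16:20]))
    body = pkt[(pkt[0] & 0x0F) * 4:]
    if len(body) < 16 or body[0] >> 4 != 3:  # 2-byte EtherIP header (version 3) + Ethernet header
        return src, dst, "malformed"
    ethertype, payload = struct.unpack("!H", body[14:16])[0], body[16:]
    if ethertype == 0x0806 and len(payload) >= 8:  # ARP: opcode at offset 6
        op = struct.unpack("!H", payload[6:8])[0]
        return src, dst, {1: "arp-request", 2: "arp-reply"}.get(op, "arp-other")
    if ethertype == 0x0800 and len(payload) >= 20 and payload[9] == 1:  # inner IPv4 carrying ICMP
        ihl = (payload[0] & 0x0F) * 4
        if len(payload) > ihl:
            return src, dst, {8: "icmp-echo-request", 0: "icmp-echo-reply"}.get(payload[ihl], "icmp-other")
    return src, dst, "other"

def summarize(packets):
    """Count inner frame types per tunnel direction."""
    return Counter(c for c in map(classify, packets) if c)

def unanswered(counts):
    """Tunnel directions that carry echo requests while no echo reply comes back."""
    return [(s, d) for (s, d, label) in counts
            if label == "icmp-echo-request" and counts[(d, s, "icmp-echo-reply")] == 0]

# --- Constructed sample packets (not a real capture); inner addresses and MACs are zeroed ---
def outer(src, dst, frame):
    ip = bytes([0x45, 0]) + struct.pack("!HHHBBH", 22 + len(frame), 0, 0, 64, ETHERIP_PROTO, 0)
    return ip + bytes(map(int, src.split("."))) + bytes(map(int, dst.split("."))) + b"\x30\x00" + frame

def arp(op):
    return bytes(12) + b"\x08\x06" + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + bytes(20)

def icmp(icmp_type):
    return bytes(12) + b"\x08\x00" + bytes([0x45, 0, 0, 28, 0, 0, 0, 0, 64, 1]) + bytes(10) + bytes([icmp_type]) + bytes(7)

SAMPLE = [outer("1.1.1.1", "1.1.1.2", arp(1)), outer("1.1.1.2", "1.1.1.1", arp(2)),
          outer("1.1.1.1", "1.1.1.2", icmp(8)), outer("1.1.1.1", "1.1.1.2", icmp(8))]

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE).items()):
        print(*key, n)
    print("unanswered:", unanswered(summarize(SAMPLE)))
```

Running the same summary on captures taken at both WAN interfaces shows on which side the echo reply stops being encapsulated.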